Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

misp-proxy - HTTPS request redirect to HTTP response #4

Open
pasket opened this issue Aug 16, 2018 · 2 comments
Open

misp-proxy - HTTPS request redirect to HTTP response #4

pasket opened this issue Aug 16, 2018 · 2 comments

Comments

@pasket
Copy link

pasket commented Aug 16, 2018

Hi,

I'm trying to configure misp-proxy to ensure all is transmited securely using https.
However, if you make a https request, it always respondes with http page. For example:

httpS://localhost redirects to http://localhost/users/login
httpS://localhost/users/logout redirects to http://localhost/users/login
...

One https request gets an http redirection.

I appreciate any help.

Thanks.

@pasket
Copy link
Author

pasket commented Aug 17, 2018

Hi,

I've been analyzing this issue and for the moment I'll work with this workarround. First thing, I don't need a reverse proxy jet, I just need to allow MISP access exclusively by HTTPS. So, I decided to focus on that and to configure misp-web image/container to serve HTTPS requests.

  1. Create a directory for the certificates and create using openssl
$ mkdir misp-web/ssl
$ cd misp-web/ssl
$ openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout misp-web.key -out misp-web.crt
  1. Change Apache configuration in order use only SSL. Do it in a separated file, I'll mount it later using docker-compose.
$ cd ..
$ vim misp.conf
	# <VirtualHost *:80>
	# 	ServerAdmin me@me.local
	# 	ServerName misp.local
	# 	DocumentRoot /var/www/MISP/app/webroot
	# 	<Directory /var/www/MISP/app/webroot>
	# 		Options -Indexes
	# 		AllowOverride all
	# 		Order allow,deny
	# 		allow from all
	# 	</Directory>
	# 
	# 	LogLevel warn
	# 	ErrorLog /var/log/apache2/misp.local_error.log
	# 	CustomLog /var/log/apache2/misp.local_access.log combined
	# 	ServerSignature Off
	#         Header set X-Content-Type-Options nosniff
	#         Header set X-Frame-Options DENY
	# </VirtualHost>

	<VirtualHost *:443>
		ServerAdmin me@me.local
		ServerName misp.local
		DocumentRoot /var/www/MISP/app/webroot
		<Directory /var/www/MISP/app/webroot>
			Options -Indexes
			AllowOverride all
			Order allow,deny
			allow from all
		</Directory>

		LogLevel warn
		ErrorLog /var/log/apache2/misp.local_error.log
		CustomLog /var/log/apache2/misp.local_access.log combined

		SSLEngine on
		SSLCertificateFile /etc/ssl/certs/misp-web/misp-web.crt
		SSLCertificateKeyFile /etc/ssl/certs/misp-web/misp-web.key

		ServerSignature Off
	        Header set X-Content-Type-Options nosniff
	        Header set X-Frame-Options DENY
	</VirtualHost>
  1. Modify docker-compose to share https port and mount configuration file and the certificates
$ cd ..
$ vim docker-compose.yml
	...
	ports:
      # - "80:80"
      - "443:443"
    volumes:
      - ./misp-web/misp.conf:/etc/apache2/sites-available/misp.conf
      - ./misp-web/ssl:/etc/ssl/certs/misp-web
      ...
	...
  1. Start docker-compose, just to create the container. MISP will not work yet.
    $ docker-compose up -d

  2. I don't really like this because it applies to the container and not to the image. We need to activate ssl and restart Apache.

$ docker exec -it misp-web a2enmod ssl
$ docker exec -it misp-web service apache2 restart
  1. Ready. Check https://<your_misp_ip>

@guirkgumbo
Copy link

Hey! Reaching out since this issue is the closest one to mine.

I am attempting to setup https only traffic with an ssl and have my misp server be available at a subdomain i.e.( misp.xxxx.com).

Updated the docker.compose.yml and apache2 config and ssl certs. The browser is happy with the domain name and says the certs are valid but when I login I get
image

Any thoughts?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants